Monitor Public Key

e: 65537

n: hm06lgk3bh9ubmrkoi0iidjkeis4deshgmubofbn3sjnktsqo8dhatb3n11ojpa4206nrp29i20c89g44gkvdsiu893mko6o1kcns1

The modulus (n) above is written as a radix 32 BigInteger, exactly how it should be received in response to a GET_MONITOR_KEY command. As a normal number it looks like this:

n: 1852760413816650136035095380016415118051242282510344996026478438077748069438108768532938672815789269706108821062735753750164588404479813686964539552587649

The monitor uses its RSA key to sign participant certificates. A participant certificate is obtained from the Monitor via a GET_CERTIFICATE command, for example as follows:

   GET_CERTIFICATE franco
The certificate is the SHA-1 hash of the participant's (in this case franco's) public key pair signed with the Monitor's RSA private key. A certificate is used by a participant, below called a verifier, to verify that the public key of another participant, below called the prover, is correct. This is accomplished as follows. First, the prover is asked for its key by the Monitor, on behalf of the verifier, using the directive:
 
   REQUIRE: PUBLIC_KEY 
The prover responds with
 
   PUBLIC_KEY v n 
where v and n are unencoded numbers representing the prover's public key. The numbers v and n are passed to the verifier. The verifier creates a MessageDigest object and updates it with v then with n. Call the result H. The verifier then takes the prover's certificate (a number), obtained previously with a GET_CERTIFICATE command, raises it to the power e (65537) and takes the result modulo n (185276041381665013603...) to get a number C. If C and H are equal, the prover's public key can be considered verified. The following code verifies the Monitor's certificate:
   import java.math.*;
   import java.security.*;

   // Shows how to verify a public key against a certificate by verifying the
   // Monitor's own certificate
   public class CheckCert {
      public static void main (String arg[]) {
         // The Monitor's public key is given by the following two lines
         BigInteger mon_exp = new BigInteger("65537");
         BigInteger mon_mod = new BigInteger("hm06lgk3bh9ubmrkoi0iidjkeis4deshgmubofbn3sjnktsqo8dhatb3n11ojpa4206nrp29i20c89g44gkvdsiu893mko6o1kcns1",32);
         // Create the message digest and update with the public key
         // Then print the result (called the hash - H above)
         try {
            MessageDigest md = MessageDigest.getInstance("SHA-1");
            md.reset();
            md.update(mon_exp.toByteArray());
            md.update(mon_mod.toByteArray());
            byte result[] = md.digest();
            int count = 0;
            try {
               do {
                  System.out.print(result[count]+"|");
               } while (++count > 0);
            } catch (Exception f) {
               System.out.println("\nCount="+count);
            }
         } catch (Exception e) { System.out.println("Yikes"); }

         // The Monitor's certificate is given by the following line
         BigInteger mon_cer = new BigInteger("eqkgqdb4ul308qgkc2bdh5urab2hfkqtvpr99bncqarhpsoqt551onqt9f6mf24m9tg7107eedul89ep0rsattspju6vtenhgse74l",32);
         // Use Monitor's public key to decrypt, reformat the result
         // as a byte array and print (referred to as C above).
         // count begins at 1 because a 0 occupies result[0] (probably
         // indicating a positive number.
         BigInteger chk = mon_cer.modPow(mon_exp, mon_mod);
         byte result[] = chk.toByteArray();
         int count = 1;
         try {
            do {
               System.out.print(result[count]+"|");
            } while (++count > 0);
         } catch (Exception f) {
            System.out.println("\nCount="+(count-1));
         }

         // result: outputs of H and C look the same!
      }
   }